cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

KeyStore access from Java mapping

former_member200339
Participant

on ‎04-23-2017 11:54 PM

0 Kudos

Dear Experts,

I am working on PI 7.3 dual stack. There is a requirement where Java Mapping will have to access the Key Store Manager and get the digital key maintained in the NWA. Please provide me any example code and the relevant jar files.

Thanks and Regards,

Rana Brata De

Show replies
Show replies
Answer
View Entire Topic
Andrzej_Filusz
Contributor
‎04-24-2017 8:56 AM

Hi,

Here you are:

import java.rmi.RemoteException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.PrivateKey;
import java.security.Security;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import javax.naming.InitialContext;
import javax.naming.NamingException;
import com.sap.engine.interfaces.keystore.KeystoreManager;
import com.sap.security.core.server.ssf.SsfProfileKeyStore;
import com.sap.aii.mapping.api.StreamTransformationException;


private static SsfProfileKeyStore getCertProfile(String alias, String password) throws StreamTransformationException {
	//	get profile from keystore service of AS Java
	InitialContext ctx = null;		
	try {
		ctx = new InitialContext();
	} catch (NamingException ex) {
		throw new StreamTransformationException("Initial context: " + ex.getMessage(), ex);
	}
	
	KeystoreManager manager = null;		
	try {		
	   manager = (KeystoreManager)ctx.lookup("keystore");
	} catch (NamingException ex) {
		throw new StreamTransformationException("Named object: " + ex.getMessage(), ex);
	}
				
	KeyStore keyStore = null;
	try {	
		keyStore = manager.getKeystore("DEFAULT");
	} catch (RemoteException ex) {
		throw new StreamTransformationException("Default keystore: " + ex.getMessage(), ex);
	}
	
	SsfProfileKeyStore profile = null;       
	try {
		profile = new SsfProfileKeyStore(keyStore, alias, password);
	} catch (KeyStoreException ex) {
		throw new StreamTransformationException("Profile: " + ex.getMessage(), ex);
	}			
			
	return profile;				
}

(...)

SsfProfileKeyStore profile = getCertProfile(alias, password);			
PrivateKey key = (PrivateKey)profile.getPrivateKey(); 			
X509Certificate[] chain = profile.getCertificateChain();

Regards,

Andrzej

Show replies
Show replies
former_member200339
Participant
‎04-25-2017 4:13 PM
0 Kudos

Dear Andrzej,

Thanks for your reply. I could reach the Key Storage and view some of the keys i.e.

securestorage, TrustedCAs, DEFAULT, WebServiceSecurity, WebServiceSecurity_Certs. We have made a similar one in the name of our company <CompanyName> and imported a certificate in it. But we cannot see that one. Our objective is to find the certificate and as well as the private-key from mapping. Do you have any suggestion on how to proceed.

Thanks and Regards,

Rana Brata De

Ask a Question